Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/1BE36B85F82AA9405E87639E2CB49C6EB0E719C6CC0619563E5C408D87253F54/0/3133312e3130302e302e302f32322d3234203d3e203432343733.roa
File:                     3133312e3130302e302e302f32322d3234203d3e203432343733.roa (raw, json)
Hash identifier:          M+ZfdwC4ezvYJYArVkDLoD/onR1oNZ3SpzMSJ8rlhTA=
Subject key identifier:   6B:E1:2D:E6:FD:4B:F8:15:1B:54:A4:54:E2:01:4D:B8:C9:BF:63:F2
Certificate issuer:       /CN=CC7F59E10868BFB993AAD4E7AC6585D3748F2855
Certificate serial:       140FFBCCD19387BBD1A526D759B0BA0C3B5B912F
Authority key identifier: CC:7F:59:E1:08:68:BF:B9:93:AA:D4:E7:AC:65:85:D3:74:8F:28:55
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC7F59E10868BFB993AAD4E7AC6585D3748F2855.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/1BE36B85F82AA9405E87639E2CB49C6EB0E719C6CC0619563E5C408D87253F54/0/3133312e3130302e302e302f32322d3234203d3e203432343733.roa
Signing time:             Tue 04 Feb 2025 18:20:24 +0000
ROA not before:           Tue 04 Feb 2025 18:15:24 +0000
ROA not after:            Tue 03 Feb 2026 18:20:24 +0000
asID:                     42473
IP address blocks:        131.100.0.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:0f:fb:cc:d1:93:87:bb:d1:a5:26:d7:59:b0:ba:0c:3b:5b:91:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CC7F59E10868BFB993AAD4E7AC6585D3748F2855
        Validity
            Not Before: Feb  4 18:15:24 2025 GMT
            Not After : Feb  3 18:20:24 2026 GMT
        Subject: CN=6BE12DE6FD4BF8151B54A454E2014DB8C9BF63F2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:55:ea:5f:a7:92:f7:65:fc:d6:3a:a7:1b:8f:
                    47:7a:25:41:09:61:d1:db:c1:46:f9:3b:6d:4b:b4:
                    dc:0d:a3:84:c3:62:fc:0e:2b:0b:9d:69:43:dc:0f:
                    f6:5f:a2:cb:c4:41:00:a4:1c:47:66:22:69:6f:56:
                    57:8e:4b:73:48:5a:df:dc:aa:18:4f:d3:bc:e7:ac:
                    b8:92:e0:5a:d2:ad:7b:ef:c1:45:94:2f:dc:74:10:
                    ae:2a:97:9b:31:3b:fc:c4:79:56:7f:1a:7e:5a:7a:
                    69:c1:1e:1f:df:f1:de:18:ad:7d:9f:b3:5e:50:7d:
                    7e:cc:40:61:80:35:38:03:8f:77:4d:f3:6f:99:7a:
                    31:40:0e:42:3b:d4:2c:9c:ed:92:e5:33:a5:bd:c6:
                    ce:fa:c9:36:f4:79:3a:3d:16:79:d0:52:ce:20:9d:
                    b4:45:4b:f9:4d:fd:6c:64:b7:83:f3:17:0e:7b:2a:
                    98:d9:17:e4:13:80:94:e5:ba:1f:bf:6e:98:d2:a7:
                    6d:64:a5:a0:de:14:d2:f8:39:70:fe:ff:86:eb:60:
                    ef:6e:ec:d1:a1:43:21:b8:8d:a2:5e:3a:53:8f:98:
                    44:06:d6:71:f6:ce:97:7c:2a:0d:9d:88:df:36:97:
                    a5:80:6e:a6:d0:b8:42:ef:90:ec:28:cb:5d:44:5f:
                    60:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:E1:2D:E6:FD:4B:F8:15:1B:54:A4:54:E2:01:4D:B8:C9:BF:63:F2
            X509v3 Authority Key Identifier:
                keyid:CC:7F:59:E1:08:68:BF:B9:93:AA:D4:E7:AC:65:85:D3:74:8F:28:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/1BE36B85F82AA9405E87639E2CB49C6EB0E719C6CC0619563E5C408D87253F54/0/CC7F59E10868BFB993AAD4E7AC6585D3748F2855.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CC7F59E10868BFB993AAD4E7AC6585D3748F2855.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/1BE36B85F82AA9405E87639E2CB49C6EB0E719C6CC0619563E5C408D87253F54/0/3133312e3130302e302e302f32322d3234203d3e203432343733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.100.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:91:ad:68:c4:fa:9d:82:4b:90:af:d4:31:08:eb:02:84:72:
         d0:17:5a:77:66:75:be:1a:aa:1e:30:16:8d:e5:00:e8:84:7c:
         66:d5:c0:a1:25:9f:71:ad:ef:19:f6:89:76:f3:94:8d:46:f3:
         c3:41:5a:97:c9:e3:a4:db:7e:57:88:17:1f:13:57:02:59:d0:
         23:f8:86:30:59:45:a9:90:e7:45:6d:ee:78:92:29:3f:a4:f2:
         b7:8b:09:45:2a:1d:1f:43:87:fa:6d:9b:cf:7c:b9:87:fc:76:
         d1:be:12:c6:5c:85:2b:65:46:93:49:c0:c8:af:82:e1:53:35:
         19:ac:ae:0e:28:a9:7a:ba:b2:cb:ff:91:9a:f6:6c:a9:77:b9:
         f9:72:46:e1:11:f7:36:98:d2:f6:f1:2c:98:7a:82:e2:d8:06:
         92:95:82:28:b5:60:d7:d0:a3:89:0c:da:1e:0f:e2:5d:59:bb:
         35:28:9d:2b:d6:4a:95:ea:88:0e:3d:33:90:83:78:f0:cd:74:
         fe:42:ee:b2:ea:70:47:6b:1d:15:b2:3a:c2:b6:96:38:08:bf:
         d3:47:b3:9c:2d:cf:40:13:7b:78:96:9e:20:76:a7:91:36:58:
         89:0c:e2:41:64:a5:a0:0c:17:cc:25:f1:7e:08:ee:50:fd:9f:
         5b:8c:b3:cd
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUFA/7zNGTh7vRpSbXWbC6DDtbkS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0M3RjU5RTEwODY4QkZCOTkzQUFENEU3QUM2NTg1RDM3
NDhGMjg1NTAeFw0yNTAyMDQxODE1MjRaFw0yNjAyMDMxODIwMjRaMDMxMTAvBgNV
BAMTKDZCRTEyREU2RkQ0QkY4MTUxQjU0QTQ1NEUyMDE0REI4QzlCRjYzRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsVepfp5L3ZfzWOqcbj0d6JUEJ
YdHbwUb5O21LtNwNo4TDYvwOKwudaUPcD/ZfosvEQQCkHEdmImlvVleOS3NIWt/c
qhhP07znrLiS4FrSrXvvwUWUL9x0EK4ql5sxO/zEeVZ/Gn5aemnBHh/f8d4YrX2f
s15QfX7MQGGANTgDj3dN82+ZejFADkI71Cyc7ZLlM6W9xs76yTb0eTo9FnnQUs4g
nbRFS/lN/Wxkt4PzFw57KpjZF+QTgJTluh+/bpjSp21kpaDeFNL4OXD+/4brYO9u
7NGhQyG4jaJeOlOPmEQG1nH2zpd8Kg2diN82l6WAbqbQuELvkOwoy11EX2BDAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUa+Et5v1L+BUbVKRU4gFNuMm/Y/IwHwYDVR0j
BBgwFoAUzH9Z4Qhov7mTqtTnrGWF03SPKFUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xQkUzNkI4NUY4MkFBOTQwNUU4NzYzOUUyQ0I0OUM2RUIw
RTcxOUM2Q0MwNjE5NTYzRTVDNDA4RDg3MjUzRjU0LzAvQ0M3RjU5RTEwODY4QkZC
OTkzQUFENEU3QUM2NTg1RDM3NDhGMjg1NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQzdGNTlFMTA4NjhCRkI5OTNB
QUQ0RTdBQzY1ODVEMzc0OEYyODU1LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMUJFMzZCODVGODJBQTk0MDVFODc2MzlFMkNCNDlDNkVCMEU3MTlDNkND
MDYxOTU2M0U1QzQwOEQ4NzI1M0Y1NC8wLzMxMzMzMTJlMzEzMDMwMmUzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzIzNDM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKDZAAwDQYJ
KoZIhvcNAQELBQADggEBAI6RrWjE+p2CS5Cv1DEI6wKEctAXWndmdb4aqh4wFo3l
AOiEfGbVwKEln3Gt7xn2iXbzlI1G88NBWpfJ46TbfleIFx8TVwJZ0CP4hjBZRamQ
50Vt7niSKT+k8reLCUUqHR9Dh/ptm898uYf8dtG+EsZchStlRpNJwMivguFTNRms
rg4oqXq6ssv/kZr2bKl3uflyRuER9zaY0vbxLJh6guLYBpKVgii1YNfQo4kM2h4P
4l1ZuzUonSvWSpXqiA49M5CDePDNdP5C7rLqcEdrHRWyOsK2ljgIv9NHs5wtz0AT
e3iWniB2p5E2WIkM4kFkpaAMF8wl8X4I7lD9n1uMs80=
-----END CERTIFICATE-----